

<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
  <meta charset="utf-8" />
  
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  
  <title>网络配置参考 &mdash; Ceph Documentation</title>
  

  
  <link rel="stylesheet" href="../../../_static/ceph.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/graphviz.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/css/custom.css" type="text/css" />

  
  
    <link rel="shortcut icon" href="../../../_static/favicon.ico"/>
  

  
  

  

  
  <!--[if lt IE 9]>
    <script src="../../../_static/js/html5shiv.min.js"></script>
  <![endif]-->
  
    
      <script type="text/javascript" id="documentation_options" data-url_root="../../../" src="../../../_static/documentation_options.js"></script>
        <script src="../../../_static/jquery.js"></script>
        <script src="../../../_static/underscore.js"></script>
        <script src="../../../_static/doctools.js"></script>
    
    <script type="text/javascript" src="../../../_static/js/theme.js"></script>

    
    <link rel="index" title="Index" href="../../../genindex/" />
    <link rel="search" title="Search" href="../../../search/" />
    <link rel="next" title="Messenger v2" href="../msgr2/" />
    <link rel="prev" title="通用选项" href="../common/" /> 
</head>

<body class="wy-body-for-nav">

   
  <header class="top-bar">
    

















<div role="navigation" aria-label="breadcrumbs navigation">

  <ul class="wy-breadcrumbs">
    
      <li><a href="../../../" class="icon icon-home"></a> &raquo;</li>
        
          <li><a href="../../">Ceph 存储集群</a> &raquo;</li>
        
          <li><a href="../">配置</a> &raquo;</li>
        
      <li>网络配置参考</li>
    
    
      <li class="wy-breadcrumbs-aside">
        
          
            <a href="../../../_sources/rados/configuration/network-config-ref.rst.txt" rel="nofollow"> View page source</a>
          
        
      </li>
    
  </ul>

  
  <hr/>
</div>
  </header>
  <div class="wy-grid-for-nav">
    
    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
      <div class="wy-side-scroll">
        <div class="wy-side-nav-search"  style="background: #eee" >
          

          
            <a href="../../../">
          

          
            
            <img src="../../../_static/logo.png" class="logo" alt="Logo"/>
          
          </a>

          

          
<div role="search">
  <form id="rtd-search-form" class="wy-form" action="../../../search/" method="get">
    <input type="text" name="q" placeholder="Search docs" />
    <input type="hidden" name="check_keywords" value="yes" />
    <input type="hidden" name="area" value="default" />
  </form>
</div>

          
        </div>

        
        <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
          
            
            
              
            
            
              <ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../../start/intro/">Ceph 简介</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../install/">安装 Ceph</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../cephadm/">Cephadm</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../">Ceph 存储集群</a><ul class="current">
<li class="toctree-l2 current"><a class="reference internal" href="../">配置</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="../storage-devices/">存储设备</a></li>
<li class="toctree-l3"><a class="reference internal" href="../ceph-conf/">配置 Ceph</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/">通用选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#ceph-network-config">网络</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#id3">监视器</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#ceph-osd-config">认证</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#osds">OSDs</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#id5">心跳</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#ceph-logging-and-debugging">日志记录、调试</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#ceph-conf">ceph.conf 实例</a></li>
<li class="toctree-l3"><a class="reference internal" href="../common/#ceph-runtime-config">跑多个集群（已废弃）</a></li>
<li class="toctree-l3 current"><a class="current reference internal" href="#">网络选项</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#id2">防火墙</a></li>
<li class="toctree-l4"><a class="reference internal" href="#ceph">Ceph 网络</a></li>
<li class="toctree-l4"><a class="reference internal" href="#id6">Ceph 守护进程</a></li>
<li class="toctree-l4"><a class="reference internal" href="#id7">网络配置选项</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="../msgr2/">信使协议 v2</a></li>
<li class="toctree-l3"><a class="reference internal" href="../auth-config-ref/">认证选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../mon-config-ref/">监视器选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../mon-lookup-dns/">通过 DNS 查询监视器</a></li>
<li class="toctree-l3"><a class="reference internal" href="../mon-osd-interaction/">心跳选项（监视器与 OSD 的的交互）</a></li>
<li class="toctree-l3"><a class="reference internal" href="../osd-config-ref/">OSD 选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../mclock-config-ref/">DmClock 配置</a></li>
<li class="toctree-l3"><a class="reference internal" href="../bluestore-config-ref/">BlueStore 配置</a></li>
<li class="toctree-l3"><a class="reference internal" href="../filestore-config-ref/">FileStore 配置</a></li>
<li class="toctree-l3"><a class="reference internal" href="../journal-ref/">日志选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../pool-pg-config-ref/">存储池、归置组和 CRUSH 选项</a></li>
<li class="toctree-l3"><a class="reference internal" href="../general-config-ref/">常规选项</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="../../operations/">运维</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../man/">    手册页</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../troubleshooting/">故障排除</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../api/">APIs</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../cephfs/">Ceph 文件系统</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../rbd/">Ceph 块设备</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../radosgw/">Ceph 对象网关</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../mgr/">Ceph 管理器守护进程</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../mgr/dashboard/">Ceph 仪表盘</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../api/">API 文档</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../architecture/">体系结构</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../dev/developer_guide/">开发者指南</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../dev/internals/">Ceph 内幕</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../governance/">项目管理</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../foundation/">Ceph 基金会</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../ceph-volume/">ceph-volume</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../releases/general/">Ceph 版本（总目录）</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../releases/">Ceph 版本（索引）</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../security/">Security</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../glossary/">Ceph 术语</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../jaegertracing/">Tracing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../translation_cn/">中文版翻译资源</a></li>
</ul>

            
          
        </div>
        
      </div>
    </nav>

    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">

      
      <nav class="wy-nav-top" aria-label="top navigation">
        
          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
          <a href="../../../">Ceph</a>
        
      </nav>


      <div class="wy-nav-content">
        
        <div class="rst-content">
        
          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
           <div itemprop="articleBody">
            
<div id="dev-warning" class="admonition note">
  <p class="first admonition-title">Notice</p>
  <p class="last">This document is for a development version of Ceph.</p>
</div>
  <div id="docubetter" align="right" style="padding: 5px; font-weight: bold;">
    <a href="https://pad.ceph.com/p/Report_Documentation_Bugs">Report a Documentation Bug</a>
  </div>

  
  <div class="section" id="id1">
<h1>网络配置参考<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h1>
<p>网络配置对构建高性能 <a class="reference internal" href="../../../glossary/#term-7"><span class="xref std std-term">Ceph 存储集群</span></a>来说相当重要。
Ceph 存储集群不会代表 <a class="reference internal" href="../../../glossary/#term-35"><span class="xref std std-term">Ceph 客户端</span></a>执行请求路由或调度，相反， Ceph 客户端（如块设备、 CephFS 、 REST 网关）直接向 OSD
请求，然后OSD为客户端执行数据复制，也就是说复制和其它因素会额外增加集群网的负载。</p>
<p>我们的快速入门配置提供了一个简陋的 Ceph 配置文件，其中只设置了监视器 IP 地址和守护进程所在的主机名。如果没有配置集群网，那么 Ceph 假设你只有一个“公共网”。只用一个网可以运行
Ceph ，但是在大型集群里用单独的“集群”网可显著地提升性能。</p>
<p>Ceph 存储集群可以运行在两个网络上：
一个公共网（客户端、前端）和一个集群网（私有的、用于复制、后端）。
然而，此方法把网络配置（硬件和软件都是）复杂化了，
而且通常对整体性能也没有太大的影响。
故此，考虑到系统弹性和容量，
我们建议采用双网卡系统，用 active/active 模式绑定起来或者做 3 层多路径策略，如 FRR 。</p>
<p>如果你不怕复杂，还想分两个网络，
各 <a class="reference internal" href="../../../glossary/#term-4"><span class="xref std std-term">Ceph 节点</span></a>就得配备多个网卡或 VLAN ，
更多细节见<cite>硬件推荐——网络</cite>。</p>
<div class="section" id="id2">
<h2>防火墙<a class="headerlink" href="#id2" title="Permalink to this headline">¶</a></h2>
<p>默认情况下，守护进程会<a class="reference internal" href="#id10">绑定</a>到 <code class="docutils literal notranslate"><span class="pre">6800:7300</span></code> 间的端口，你可以更改此范围。更改防火墙配置前先检查下 <code class="docutils literal notranslate"><span class="pre">iptables</span></code> 配置。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">iptables</span> <span class="o">-</span><span class="n">L</span>
</pre></div>
</div>
<p>一些 Linux 发行版的规则拒绝除 SSH 之外的所有网卡的所有入栈连接，例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">REJECT</span> <span class="nb">all</span> <span class="o">--</span> <span class="n">anywhere</span> <span class="n">anywhere</span> <span class="n">reject</span><span class="o">-</span><span class="k">with</span> <span class="n">icmp</span><span class="o">-</span><span class="n">host</span><span class="o">-</span><span class="n">prohibited</span>
</pre></div>
</div>
<p>你得先删掉公共网和集群网对应的这些规则，然后再增加安全保护规则。</p>
<div class="section" id="id3">
<h3>监视器防火墙<a class="headerlink" href="#id3" title="Permalink to this headline">¶</a></h3>
<p>监视器默认监听 <code class="docutils literal notranslate"><span class="pre">6789</span></code> 端口，而且监视器总是运行在公共网。
按下例增加规则时，要把 <code class="docutils literal notranslate"><span class="pre">{iface}</span></code> 替换为公共网接口
（如 <code class="docutils literal notranslate"><span class="pre">eth0</span></code> 、 <code class="docutils literal notranslate"><span class="pre">eth1</span></code> 等等）、
<code class="docutils literal notranslate"><span class="pre">{ip-address}</span></code> 替换为公共网 IP 、
<code class="docutils literal notranslate"><span class="pre">{netmask}</span></code> 替换为公共网掩码。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">iptables</span> <span class="o">-</span><span class="n">A</span> <span class="n">INPUT</span> <span class="o">-</span><span class="n">i</span> <span class="p">{</span><span class="n">iface</span><span class="p">}</span> <span class="o">-</span><span class="n">p</span> <span class="n">tcp</span> <span class="o">-</span><span class="n">s</span> <span class="p">{</span><span class="n">ip</span><span class="o">-</span><span class="n">address</span><span class="p">}</span><span class="o">/</span><span class="p">{</span><span class="n">netmask</span><span class="p">}</span> <span class="o">--</span><span class="n">dport</span> <span class="mi">6789</span> <span class="o">-</span><span class="n">j</span> <span class="n">ACCEPT</span>
</pre></div>
</div>
</div>
<div class="section" id="mds">
<h3>MDS 和管理器防火墙<a class="headerlink" href="#mds" title="Permalink to this headline">¶</a></h3>
<p><a class="reference internal" href="../../../glossary/#term-33"><span class="xref std std-term">Ceph 元数据服务器</span></a>或 <a class="reference internal" href="../../../glossary/#term-26"><span class="xref std std-term">Ceph 管理器</span></a>会监听公共网 6800 以上的第一个可用端口。
需要注意的是，这种行为是不确定的，
所以如果你在同一主机上运行多个 OSD 或 MDS 、
或者在很短的时间内重启了多个守护进程，它们会绑定更高的端口号；
所以说你应该预先打开整个 6800-7300 端口区间。
按下例增加规则时，要把 <code class="docutils literal notranslate"><span class="pre">{iface}</span></code> 替换为公共网接口（如 <code class="docutils literal notranslate"><span class="pre">eth0</span></code> 、 <code class="docutils literal notranslate"><span class="pre">eth1</span></code> 等等）、
<code class="docutils literal notranslate"><span class="pre">{ip-address}</span></code> 替换为公共网 IP 、 <code class="docutils literal notranslate"><span class="pre">{netmask}</span></code> 替换为公共网掩码。</p>
<p>例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">iptables</span> <span class="o">-</span><span class="n">A</span> <span class="n">INPUT</span> <span class="o">-</span><span class="n">i</span> <span class="p">{</span><span class="n">iface</span><span class="p">}</span> <span class="o">-</span><span class="n">m</span> <span class="n">multiport</span> <span class="o">-</span><span class="n">p</span> <span class="n">tcp</span> <span class="o">-</span><span class="n">s</span> <span class="p">{</span><span class="n">ip</span><span class="o">-</span><span class="n">address</span><span class="p">}</span><span class="o">/</span><span class="p">{</span><span class="n">netmask</span><span class="p">}</span> <span class="o">--</span><span class="n">dports</span> <span class="mi">6800</span><span class="p">:</span><span class="mi">7300</span> <span class="o">-</span><span class="n">j</span> <span class="n">ACCEPT</span>
</pre></div>
</div>
</div>
<div class="section" id="osd">
<h3>OSD 防火墙<a class="headerlink" href="#osd" title="Permalink to this headline">¶</a></h3>
<p>OSD 守护进程默认<a class="reference internal" href="#id10">绑定</a> 从 6800 起的第一个可用端口，需要注意的是，这种行为是不确定的，所以如果你在同一主机上运行多个 OSD
或 MDS 、或者在很短的时间内重启了多个守护进程，它们会绑定更高的端口号。一主机上的各个 OSD 最多会用到 4 个端口：</p>
<ol class="arabic simple">
<li><p>一个用于和客户端、监视器通讯；</p></li>
<li><p>一个用于发送数据到其他 OSD ；</p></li>
<li><p>两个用于各个网卡上的心跳；</p></li>
</ol>
<p>当某个守护进程失败并重启时没释放端口，重启后的进程就会监听新端口。你应该打开整个 6800-7300 端口区间，以应对这种可能性。</p>
<p>如果你分开了公共网和集群网，必须分别为之设置防火墙，
因为客户端会通过公共网连接、而其他 OSD 会通过集群网连接。
按下例增加规则时，要把 <code class="docutils literal notranslate"><span class="pre">{iface}</span></code> 替换为网口
（如 <code class="docutils literal notranslate"><span class="pre">eth0</span></code> 、 <code class="docutils literal notranslate"><span class="pre">eth1</span></code> 等等）、
<code class="docutils literal notranslate"><span class="pre">{ip-address}</span></code> 替换为公共网或集群网 IP 、
<code class="docutils literal notranslate"><span class="pre">{netmask}</span></code> 替换为公共网或集群网掩码。例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">iptables</span> <span class="o">-</span><span class="n">A</span> <span class="n">INPUT</span> <span class="o">-</span><span class="n">i</span> <span class="p">{</span><span class="n">iface</span><span class="p">}</span>  <span class="o">-</span><span class="n">m</span> <span class="n">multiport</span> <span class="o">-</span><span class="n">p</span> <span class="n">tcp</span> <span class="o">-</span><span class="n">s</span> <span class="p">{</span><span class="n">ip</span><span class="o">-</span><span class="n">address</span><span class="p">}</span><span class="o">/</span><span class="p">{</span><span class="n">netmask</span><span class="p">}</span> <span class="o">--</span><span class="n">dports</span> <span class="mi">6800</span><span class="p">:</span><span class="mi">7300</span> <span class="o">-</span><span class="n">j</span> <span class="n">ACCEPT</span>
</pre></div>
</div>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>如果你的元数据服务器和 OSD 在同一节点上，可以合并公共网配置。</p>
</div>
</div>
</div>
<div class="section" id="ceph">
<h2>Ceph 网络<a class="headerlink" href="#ceph" title="Permalink to this headline">¶</a></h2>
<p>Ceph 的网络配置要放到 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 段下。
前述的 5 分钟快速入门提供了一个简陋的 Ceph 配置文件，
它假设服务器和客户端都位于同一网段，
Ceph 可以很好地适应这种情形。
然而 Ceph 允许配置更精细的公共网，包括多 IP 和多掩码；
也能用单独的集群网处理 OSD 心跳、对象复制、和恢复流量。
不要混淆你配置的 IP 地址和客户端用来访问存储服务的公共网地址。
典型的内网常常是 <code class="docutils literal notranslate"><span class="pre">192.168.0.0</span></code> 或 <code class="docutils literal notranslate"><span class="pre">10.0.0.0</span></code> 。</p>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>如果你给公共网或集群网配置了多个 IP 地址及子网掩码，这些子网必须能互通。
另外要确保在防火墙上为各 IP
和子网开放了必要的端口。</p>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Ceph 用 CIDR 法表示子网，如 <code class="docutils literal notranslate"><span class="pre">10.0.0.0/24</span></code> 。</p>
</div>
<p>配置完几个网络后，可以重启集群或挨个重启守护进程。
Ceph 守护进程动态地绑定端口，
所以更改网络配置后无需重启整个集群。</p>
<div class="section" id="id4">
<h3>公共网<a class="headerlink" href="#id4" title="Permalink to this headline">¶</a></h3>
<p>要配置一个公共网，把下列选项加到配置文件的 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 段下。</p>
<div class="highlight-ini notranslate"><div class="highlight"><pre><span></span><span class="k">[global]</span>
        <span class="c1"># ... elided configuration</span>
        <span class="na">public network</span> <span class="o">=</span> <span class="s">{public-network/netmask}</span>
</pre></div>
</div>
</div>
<div class="section" id="cluster-network">
<span id="id5"></span><h3>集群网<a class="headerlink" href="#cluster-network" title="Permalink to this headline">¶</a></h3>
<p>如果你声明了集群网， OSD 将把心跳、对象复制和恢复流量路由到集群网，与单个网络相比这会提升性能。要配置集群网，把下列选项加进配置文件的 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 段。</p>
<div class="highlight-ini notranslate"><div class="highlight"><pre><span></span><span class="k">[global]</span>
        <span class="c1"># ... elided configuration</span>
        <span class="na">cluster network</span> <span class="o">=</span> <span class="s">{cluster-network/netmask}</span>
</pre></div>
</div>
<p>为安全起见，从公共网或互联网到集群网应该是<strong>不可达</strong>的。</p>
</div>
<div class="section" id="ipv4-ipv6">
<h3>IPv4/IPv6 双栈模式<a class="headerlink" href="#ipv4-ipv6" title="Permalink to this headline">¶</a></h3>
<p>如果你想在 IPv4/IPv6 双栈模式下运行集群、而且想定义公共网和/或集群网，
那么你需要分别配置 IPv4 和 IPv6 网络的地址段：</p>
<div class="highlight-ini notranslate"><div class="highlight"><pre><span></span><span class="k">[global]</span>
        <span class="c1"># ... elided configuration</span>
        <span class="na">public_network</span> <span class="o">=</span> <span class="s">{IPv4 public-network/netmask}, {IPv6 public-network/netmask}</span>
</pre></div>
</div>
<p>这样，两种地址下 Ceph 都能找到可用的 IP 地址。</p>
<p>如果你只想要一个 IPv4 或 IPv6 单栈环境，
正确地配置 <cite>ms bind</cite> 选项即可。</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>绑定到 IPv4 地址默认就是启用的，所以，如果你想加上一个选项绑定到 IPv6 ，
你其实已经进入了双栈模式。如果你只想要 IPv6 ，可以禁用 IPv4 并启用 IPv6 。
见下文的 <a class="reference internal" href="#id10">绑定</a> 。</p>
</div>
</div>
</div>
<div class="section" id="id6">
<h2>Ceph 守护进程<a class="headerlink" href="#id6" title="Permalink to this headline">¶</a></h2>
<p>监视器守护进程都分别配置成了绑定到某一个特定的 IP 地址。
这些地址通常都是由部署工具配置的。
Ceph 集群里的其它组件通过 <code class="docutils literal notranslate"><span class="pre">mon</span> <span class="pre">host</span></code> 配置选项来发现监视器，
通常写在 <code class="docutils literal notranslate"><span class="pre">ceph.conf</span></code> 文件的 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 段下。</p>
<div class="highlight-ini notranslate"><div class="highlight"><pre><span></span><span class="k">[global]</span>
    <span class="na">mon host</span> <span class="o">=</span> <span class="s">10.0.0.2, 10.0.0.3, 10.0.0.4</span>
</pre></div>
</div>
<p><code class="docutils literal notranslate"><span class="pre">mon_host</span></code> 的值可以是 IP 地址列表、或者域名，
可以通过 DNS 查找。如果是域名，有多个 A 或者 AAAA 记录的话，
会按顺序探测所有的地址，以发现监视器。
只要有一个可达，就能发现当前所有的其他监视器，
所以， <code class="docutils literal notranslate"><span class="pre">mon</span> <span class="pre">host</span></code> 配置选项只要够新，
客户端能找到一个当前在线的监视器就可以。</p>
<p>MGR 、 OSD 、和 MDS 守护进程会绑定到所有可用地址上，
不需要任何特殊的配置。即便如此，
还是可以用 <code class="docutils literal notranslate"><span class="pre">public</span> <span class="pre">addr</span></code> 配置选项（和/或，
对于 OSD 守护进程是 <code class="docutils literal notranslate"><span class="pre">cluster</span> <span class="pre">addr</span></code> ）
指定一个让它们绑定的特定 IP 地址。例如，</p>
<div class="highlight-ini notranslate"><div class="highlight"><pre><span></span><span class="k">[osd.0]</span>
        <span class="na">public addr</span> <span class="o">=</span> <span class="s">{host-public-ip-address}</span>
        <span class="na">cluster addr</span> <span class="o">=</span> <span class="s">{host-cluster-ip-address}</span>
</pre></div>
</div>
<div class="topic">
<p class="topic-title">单网卡OSD、双网络集群</p>
<p>一般来说，我们不建议用单网卡 OSD 主机部署两个网络。然而这事可以实现，把 <code class="docutils literal notranslate"><span class="pre">public</span> <span class="pre">addr</span></code> 选项配在 <code class="docutils literal notranslate"><span class="pre">[osd.n]</span></code> 段下即可强制 OSD 主机运行在公共网，其中 <code class="docutils literal notranslate"><span class="pre">n</span></code> 是其 OSD 号。另外，公共网和集群网必须互通，考虑到安全因素我们不建议这样做。</p>
</div>
</div>
<div class="section" id="id7">
<h2>网络配置选项<a class="headerlink" href="#id7" title="Permalink to this headline">¶</a></h2>
<p>网络配置选项不是必需的， Ceph 假设所有主机都运行于公共网，
除非你特意配置了一个集群网。</p>
<div class="section" id="id8">
<h3>公共网<a class="headerlink" href="#id8" title="Permalink to this headline">¶</a></h3>
<p>公共网配置用于明确地为公共网定义 IP 地址和子网。你可以分配静态 IP 或用 <code class="docutils literal notranslate"><span class="pre">public</span> <span class="pre">addr</span></code> 覆盖 <code class="docutils literal notranslate"><span class="pre">public</span> <span class="pre">network</span></code> 选项。</p>
<dl class="std confval">
<dt id="confval-public_network">
<code class="sig-name descname"><span class="pre">public_network</span></code><a class="headerlink" href="#confval-public_network" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>公共网（前端）的 IP 地址和掩码（如 <code class="docutils literal notranslate"><span class="pre">192.168.0.0/24</span></code> ）， 放置于 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 下。
多个子网用逗号分隔。格式是这样： <code class="docutils literal notranslate"><span class="pre">{ip-address}/{netmask}</span> <span class="pre">[,</span> <span class="pre">{ip-address}/{netmask}]</span></code></p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">str</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-public_addr">
<code class="sig-name descname"><span class="pre">public_addr</span></code><a class="headerlink" href="#confval-public_addr" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>用于公共网（前端）的 IP 地址。 配置在各守护进程上。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">addr</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

</div>
<div class="section" id="id9">
<h3>集群网<a class="headerlink" href="#id9" title="Permalink to this headline">¶</a></h3>
<p>集群网配置用来声明一个集群网，并明确地定义其 IP 地址和子网。你可以配置静态 IP 或为某 OSD 守护进程配置 <code class="docutils literal notranslate"><span class="pre">cluster</span> <span class="pre">addr</span></code> 以覆盖 <code class="docutils literal notranslate"><span class="pre">cluster</span> <span class="pre">network</span></code> 选项。</p>
<dl class="std confval">
<dt id="confval-cluster_network">
<code class="sig-name descname"><span class="pre">cluster_network</span></code><a class="headerlink" href="#confval-cluster_network" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>集群网（后端）的 IP 地址及掩码（如 <code class="docutils literal notranslate"><span class="pre">10.0.0.0/24</span></code> ），在 <code class="docutils literal notranslate"><span class="pre">[global]</span></code> 下配置。
多个子网用逗号分隔。格式是这样： <code class="docutils literal notranslate"><span class="pre">{ip-address}/{netmask}</span> <span class="pre">[,</span> <span class="pre">{ip-address}/{netmask}]</span></code></p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">str</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-cluster_addr">
<code class="sig-name descname"><span class="pre">cluster_addr</span></code><a class="headerlink" href="#confval-cluster_addr" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>用于集群网（后端）的 IP 地址。 配置在各守护进程下。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">addr</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

</div>
<div class="section" id="id10">
<h3>绑定<a class="headerlink" href="#id10" title="Permalink to this headline">¶</a></h3>
<p>绑定选项用于设置 OSD 和 MDS 默认使用的端口范围，默认范围是
<code class="docutils literal notranslate"><span class="pre">6800:7300</span></code> 。确保<a class="reference internal" href="#id2">防火墙</a>开放了对应端口范围。</p>
<p>你也可以让 Ceph 守护进程绑定到 IPv6 地址而非 IPv4 地址。</p>
<dl class="std confval">
<dt id="confval-ms_bind_port_min">
<code class="sig-name descname"><span class="pre">ms_bind_port_min</span></code><a class="headerlink" href="#confval-ms_bind_port_min" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>OSD 或 MDS 可绑定的最小端口号。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">int</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">6800</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_bind_port_max">
<code class="sig-name descname"><span class="pre">ms_bind_port_max</span></code><a class="headerlink" href="#confval-ms_bind_port_max" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>OSD 或 MDS 可绑定的最大端口号。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">int</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">7568</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_bind_ipv4">
<code class="sig-name descname"><span class="pre">ms_bind_ipv4</span></code><a class="headerlink" href="#confval-ms_bind_ipv4" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>让 Ceph 守护进程绑定到 IPv4 地址。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">bool</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p>
</dd>
<dt class="field-odd">see also</dt>
<dd class="field-odd"><p><a class="reference internal" href="#confval-ms_bind_ipv6"><code class="xref std std-confval docutils literal notranslate"><span class="pre">ms_bind_ipv6</span></code></a></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_bind_ipv6">
<code class="sig-name descname"><span class="pre">ms_bind_ipv6</span></code><a class="headerlink" href="#confval-ms_bind_ipv6" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>允许 Ceph 守护进程绑定 IPv6 地址。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">bool</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p>
</dd>
<dt class="field-odd">see also</dt>
<dd class="field-odd"><p><a class="reference internal" href="#confval-ms_bind_ipv4"><code class="xref std std-confval docutils literal notranslate"><span class="pre">ms_bind_ipv4</span></code></a></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-public_bind_addr">
<code class="sig-name descname"><span class="pre">public_bind_addr</span></code><a class="headerlink" href="#confval-public_bind_addr" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>在一些动态部署中， Ceph 的监视器守护进程可能会监听 <code class="docutils literal notranslate"><span class="pre">public_addr</span></code> 以外的本地 IP
地址（已广播到了网内的其它节点），这样的环境必须确保路由规则正确无误。如果配置了 <code class="docutils literal notranslate"><span class="pre">public_bind_addr</span></code>
，监视器守护进程就只会监听它，并且在监视器运行图（ monmap ）里使用 <code class="docutils literal notranslate"><span class="pre">public</span> <span class="pre">addr</span></code> 地址、并向其余节点广播其地址。此行为仅限于监视器守护进程。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">addr</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

</div>
<div class="section" id="tcp">
<h3>TCP<a class="headerlink" href="#tcp" title="Permalink to this headline">¶</a></h3>
<p>Ceph 默认禁用 TCP 缓冲。</p>
<dl class="std confval">
<dt id="confval-ms_tcp_nodelay">
<code class="sig-name descname"><span class="pre">ms_tcp_nodelay</span></code><a class="headerlink" href="#confval-ms_tcp_nodelay" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>Ceph 用 <code class="docutils literal notranslate"><span class="pre">ms_tcp_nodelay</span></code> 使系统尽快（不缓冲）发送每个请求。禁用 <a class="reference external" href="https://en.wikipedia.org/wiki/Nagle's_algorithm">Nagle 算法</a>会增加网络流量，还会导致延时增大。如果你受不了大量小包，可以禁用 <code class="docutils literal notranslate"><span class="pre">ms</span> <span class="pre">tcp</span> <span class="pre">nodelay</span></code> 试试。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">bool</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_tcp_rcvbuf">
<code class="sig-name descname"><span class="pre">ms_tcp_rcvbuf</span></code><a class="headerlink" href="#confval-ms_tcp_rcvbuf" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>网络连接接收时的套接字缓冲尺寸，默认禁用。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">size</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">0B</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

</div>
<div class="section" id="id11">
<h3>常规选项<a class="headerlink" href="#id11" title="Permalink to this headline">¶</a></h3>
<dl class="std confval">
<dt id="confval-ms_type">
<code class="sig-name descname"><span class="pre">ms_type</span></code><a class="headerlink" href="#confval-ms_type" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>Transport type used by Async Messenger. Can be <code class="docutils literal notranslate"><span class="pre">async+posix</span></code>,
<code class="docutils literal notranslate"><span class="pre">async+dpdk</span></code> or <code class="docutils literal notranslate"><span class="pre">async+rdma</span></code>. Posix uses standard TCP/IP
networking and is default. Other transports may be experimental and
support may be limited.</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">str</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">async+posix</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_async_op_threads">
<code class="sig-name descname"><span class="pre">ms_async_op_threads</span></code><a class="headerlink" href="#confval-ms_async_op_threads" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>各 Async Messenger 例程所用工作线程的初始数量。 至少也得等于副本数的最大值，但是，如果 CPU 核心数比较少、
或者单台服务器上的 OSD 很多，那你可以适当降低些。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">uint</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">3</span></code></p>
</dd>
<dt class="field-odd">allowed range</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">[1,</span> <span class="pre">24]</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_initial_backoff">
<code class="sig-name descname"><span class="pre">ms_initial_backoff</span></code><a class="headerlink" href="#confval-ms_initial_backoff" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>出错时重连之前等待的初始时间。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">float</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">0.2</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_max_backoff">
<code class="sig-name descname"><span class="pre">ms_max_backoff</span></code><a class="headerlink" href="#confval-ms_max_backoff" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>出错重连之前等待的最大时间。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">float</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">15.0</span></code></p>
</dd>
<dt class="field-odd">see also</dt>
<dd class="field-odd"><p><a class="reference internal" href="#confval-ms_initial_backoff"><code class="xref std std-confval docutils literal notranslate"><span class="pre">ms_initial_backoff</span></code></a></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_die_on_bad_msg">
<code class="sig-name descname"><span class="pre">ms_die_on_bad_msg</span></code><a class="headerlink" href="#confval-ms_die_on_bad_msg" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>调试选项，不要配置。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">bool</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_dispatch_throttle_bytes">
<code class="sig-name descname"><span class="pre">ms_dispatch_throttle_bytes</span></code><a class="headerlink" href="#confval-ms_dispatch_throttle_bytes" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>等着传送的消息尺寸阀值。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">size</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">100Mi</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

<dl class="std confval">
<dt id="confval-ms_inject_socket_failures">
<code class="sig-name descname"><span class="pre">ms_inject_socket_failures</span></code><a class="headerlink" href="#confval-ms_inject_socket_failures" title="Permalink to this definition">¶</a></dt>
<dd><blockquote>
<div><p>调试选项，别配置。</p>
<dl class="field-list simple">
<dt class="field-odd">type</dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">uint</span></code></p>
</dd>
<dt class="field-even">default</dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">0</span></code></p>
</dd>
</dl>
</div></blockquote>
</dd></dl>

</div>
</div>
</div>



           </div>
           
          </div>
          <footer>
    <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
        <a href="../msgr2/" class="btn btn-neutral float-right" title="Messenger v2" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
        <a href="../common/" class="btn btn-neutral float-left" title="通用选项" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
    </div>

  <hr/>

  <div role="contentinfo">
    <p>
        &#169; Copyright 2016, Ceph authors and contributors. Licensed under Creative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0).

    </p>
  </div> 

</footer>
        </div>
      </div>

    </section>

  </div>
  

  <script type="text/javascript">
      jQuery(function () {
          SphinxRtdTheme.Navigation.enable(true);
      });
  </script>

  
  
    
   

</body>
</html>